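<?php
// Full open tag: the short form `<?` is only parsed when short_open_tag is
// enabled; with it disabled this block would be sent to the client as text.
session_start();

// Status flags for the template. Only $dateFormat is read further down in the
// part of the file shown here.
$alterCaptionFail = false;
$alreadyInAlbum = false;
$dateFormat = false;

// The include supplies $host, $username, $password and $db.
// NOTE(review): confirm this .inc file is outside the web root or denied by the
// server; a directly requestable .inc is usually returned as plain text.
require("../../mysql.config.inc");
$mysqli = new mysqli($host,$username,$password,$db);

// Stop on a failed connection instead of running the handlers on a dead handle.
// The driver's error text is deliberately not echoed to the client.
if($mysqli->connect_errno){
	header("HTTP/1.1 500 Internal Server Error");
	exit("The photo database is currently unavailable.");
}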

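// Caption change.
// The template's login check runs only after these handlers, so the session is
// checked here as well; otherwise an anonymous POST would still update the row.
if(isset($_SESSION['logged_user'])
	&& isset($_POST['alterCaption'], $_POST['alterPhotoId'])
	&& is_string($_POST['alterCaption'])
	&& is_string($_POST['alterPhotoId'])
	&& $_POST['alterCaption'] !== "Put caption here"){

	// The photo id is accepted only as a run of digits. It is copied into
	// $_GET['pid'], which the template later uses in a query and echoes into
	// the hidden form fields, so nothing else may get through here.
	if(preg_match('/\A[0-9]+\z/', $_POST['alterPhotoId'])){
		$alterPhotoId = $_POST['alterPhotoId'];
		$_GET['pid'] = $alterPhotoId;

		// Same character allow-list as before (letters, digits, . , ' and whitespace).
		if(preg_match("|^[a-zA-Z0-9.,'\s]+$|", $_POST['alterCaption'])){
			$alterCaption = $_POST['alterCaption'];

			// Bound parameters: neither value is ever part of the SQL text.
			$stmt = $mysqli->prepare("UPDATE Photos SET Caption = ? WHERE pid = ?");
			if($stmt){
				$stmt->bind_param('ss', $alterCaption, $alterPhotoId);
				$stmt->execute();
				$stmt->close();
			}
		}
	}
}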

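// Add the photo to each ticked album it is not already in.
// Requires a logged-in session (the template's login check runs too late to
// protect this write) and digit-only ids; all values reach MySQL as bound
// parameters instead of being spliced into the SQL text.
if(isset($_SESSION['logged_user'])
	&& isset($_POST['changeAlbumsIn'], $_POST['alterPhotoId'])
	&& is_array($_POST['changeAlbumsIn'])
	&& is_string($_POST['alterPhotoId'])
	&& preg_match('/\A[0-9]+\z/', $_POST['alterPhotoId'])){
	$changeArray = $_POST['changeAlbumsIn'];
	$alterPhotoId = $_POST['alterPhotoId'];
	$_GET['pid'] = $alterPhotoId;

	$memberStmt = $mysqli->prepare("SELECT COUNT(*) FROM AlbumIn WHERE aid = ? AND pid = ?");
	$countStmt = $mysqli->prepare("SELECT COUNT(aid) FROM AlbumIn WHERE aid = ?");
	$insertStmt = $mysqli->prepare("INSERT INTO `AlbumIn` (`aid`, `pid`, `sequence`) VALUES (?, ?, ?)");

	if($memberStmt && $countStmt && $insertStmt){
		foreach($changeArray as $aid){
			// Each array element is client-supplied; skip anything that is not a plain id.
			if(!is_string($aid) || !preg_match('/\A[0-9]+\z/', $aid)){
				continue;
			}

			// Is the photo already in this album?
			$memberStmt->bind_param('ss', $aid, $alterPhotoId);
			if(!$memberStmt->execute()){
				continue;
			}
			$memberStmt->store_result();
			$memberStmt->bind_result($numRows);
			$memberStmt->fetch();
			$memberStmt->free_result();

			if((int)$numRows === 0){
				// New entries go to the end: sequence = current album size + 1.
				$countStmt->bind_param('s', $aid);
				if(!$countStmt->execute()){
					continue;
				}
				$countStmt->store_result();
				$countStmt->bind_result($albumCount);
				$countStmt->fetch();
				$countStmt->free_result();
				$sequenceNum = (int)$albumCount + 1;

				$insertStmt->bind_param('ssi', $aid, $alterPhotoId, $sequenceNum);
				$insertStmt->execute();
			}else{
				$alreadyInAlbum = true;
			}
		}
	}

	// Release whichever statements were successfully prepared.
	if($memberStmt){ $memberStmt->close(); }
	if($countStmt){ $countStmt->close(); }
	if($insertStmt){ $insertStmt->close(); }
}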

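// Change the photo's date_taken.
// Fixes over the previous version:
//  - the pattern had no end anchor, so anything after a date-like prefix was
//    accepted and then concatenated into the UPDATE statement;
//  - its digit classes were in year-day-month order, so YYYY-MM-DD dates with a
//    day of 20 or later were rejected;
//  - the photo id was not validated and the session was not checked.
if(isset($_SESSION['logged_user'])
	&& isset($_POST['datechange'], $_POST['alterPhotoId'])
	&& is_string($_POST['datechange'])
	&& is_string($_POST['alterPhotoId'])
	&& preg_match('/\A[0-9]+\z/', $_POST['alterPhotoId'])){

	$alterPhotoId = $_POST['alterPhotoId'];
	$_GET['pid'] = $alterPhotoId;
	$dateInput = $_POST['datechange'];

	if($dateInput === ''){
		// The text field is always submitted with the form; an empty value
		// means "no date change", not a formatting error.
	}elseif(preg_match('/\A([0-9]{4})-([0-9]{2})-([0-9]{2})\z/', $dateInput, $parts)
		&& checkdate((int)$parts[2], (int)$parts[3], (int)$parts[1])){
		// Whole-string YYYY-MM-DD match plus a calendar check, then bound parameters.
		$stmt = $mysqli->prepare("UPDATE `Photos` SET `date_taken` = ? WHERE pid = ?");
		if($stmt){
			$stmt->bind_param('ss', $dateInput, $alterPhotoId);
			$stmt->execute();
			$stmt->close();
		}
	}else{
		// Read by the template to show the "wrong date format" alert.
		$dateFormat = true;
	}
}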

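// Delete a photo: remove its image and thumbnail files, then its rows in
// Photos and AlbumIn.
// This is the most destructive handler on the page, so it requires a logged-in
// session and a digit-only id, and uses bound parameters for every query.
// NOTE(review): no anti-CSRF token is checked here and the forms do not send
// one; adding it needs a matching change in the forms.
// NOTE(review): the template reports success whenever deletePhoto was posted,
// including when the id is rejected here.
if(isset($_SESSION['logged_user'])
	&& isset($_POST['deletePhoto'])
	&& is_string($_POST['deletePhoto'])
	&& preg_match('/\A[0-9]+\z/', $_POST['deletePhoto'])){
	$pid = $_POST['deletePhoto'];

	// Collect the stored paths first so the statement is closed before any
	// further queries run on this connection.
	$links = array();
	$select = $mysqli->prepare("SELECT Link FROM Photos WHERE pid = ?");
	if($select){
		$select->bind_param('s', $pid);
		if($select->execute()){
			$select->bind_result($link);
			while($select->fetch()){
				$links[] = $link;
			}
		}
		$select->close();
	}

	foreach($links as $link){
		// Link is a stored value whose origin is not visible here; refuse
		// anything that could step out of the gallery directories.
		if(!is_string($link) || $link === ''
			|| strpos($link, '..') !== false
			|| strpos($link, "\0") !== false){
			continue;
		}
		foreach(array("../".$link, "../thumbs/".$link) as $file){
			// Only remove regular files; a missing thumbnail is not an error.
			if(is_file($file)){
				unlink($file);
			}
		}
	}

	$deletePhoto = $mysqli->prepare("DELETE FROM `Photos` WHERE `pid` = ?");
	if($deletePhoto){
		$deletePhoto->bind_param('s', $pid);
		$deletePhoto->execute();
		$deletePhoto->close();
	}

	$deleteLinks = $mysqli->prepare("DELETE FROM `AlbumIn` WHERE `pid` = ?");
	if($deleteLinks){
		$deleteLinks->bind_param('s', $pid);
		$deleteLinks->execute();
		$deleteLinks->close();
	}
}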
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>A Photo Gallery</title>
	<link rel="stylesheet" type="text/css" href="../stylesheets/styles.css"/>
	<script type="text/javascript" src="../scripts/alterPhoto.js"></script>
</head>

<body>

<div id="content">
	
	<div id="nav">
		<dl class="menu">
			<dd><a href="../index.php">Home</a></dd>
			<dd><a href="../albums.php">Albums</a></dd>
			<dd><a href="../photos.php">All Photos</a></dd>
			<dd class = "active"><a href="../admin.php">Administration</a></dd>
		</dl>
	</div>
	
	<h2>Administration: Alter a Photo's information</h2>
	
	<?if(!isset($_SESSION['logged_user'])){?>
	
		<div id="bodyText">
		You need to be Logged in to view this page, although it's curious how you got here in the first
		place.<br/>
		<a href="../admin.php">Log in</a>
		</div>
		
	<?}elseif(isset($_POST['deletePhoto'])){?>
	
		<div id="bodyText">
		The photo was successfully deleted.<br/>
		<a href="../photos.php">All Photos</a>
		</div>
		
	<?}elseif(!isset($_GET['pid'])){?>
	
		<div id="bodyText">
		To alter a photo, you will need to select it from its individual page. How you got here without doing that
		though is a good question.<br/>
		<a href="../photos.php">All Photos</a>
		</div>
		
	<?}else{?>
	
		<div id="bodyText">
		Select which information to change about this photo:<br/><br/>
		
		<div id="viewAlterPhoto">
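		<?php
		// Show the photo being edited.
		// $_GET['pid'] is request data (query string, or copied from the POST by
		// the handlers above): it is accepted only as digits and passed as a
		// bound parameter. Link and Caption are stored values and are
		// HTML-escaped before being written into attributes or markup.
		if(isset($_GET['pid']) && is_string($_GET['pid']) && preg_match('/\A[0-9]+\z/', $_GET['pid'])){
			$viewPid = $_GET['pid'];
			$viewStmt = $mysqli->prepare("SELECT Link, Caption, date_taken FROM Photos WHERE pid = ?");
			if($viewStmt){
				$viewStmt->bind_param('s', $viewPid);
				if($viewStmt->execute()){
					$viewStmt->bind_result($rowLink, $rowCaption, $rowDate);
					while($viewStmt->fetch()){
						$safeLink = htmlspecialchars((string)$rowLink, ENT_QUOTES, 'UTF-8');
						$safeCaption = htmlspecialchars((string)$rowCaption, ENT_QUOTES, 'UTF-8');
						print("<img src=\"../".$safeLink."\" alt=\"Photo Gallery\" width=\"300\" title=\"".$safeCaption."\" />\n");
						print("<div id=\"printCaption\">".$safeCaption."</"."div>\n");
						// Used further down as the hint next to the date field.
						$dateTaken = $rowDate;
					}
				}
				// Closed before the album list query runs on the same connection.
				$viewStmt->close();
			}
		}

		print"<br/><br/>";
		?>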
		</div>
		
	
		<form action="alterPhoto.php" method="post" name="upload">
			<p>Change the caption:<br/>
			<textarea rows="3" cols="50" name="alterCaption">Put caption here</textarea><br/><br/>
			
			Add this photo to a new album:<br/>
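			<?php
				// One checkbox per album, ordered by title.
				// aid and Title are stored values; both are HTML-escaped so a
				// title containing markup cannot inject into this admin page.
				$albumList = $mysqli->query('SELECT* FROM Albums ORDER BY Title');
				if($albumList){
					while($dropList = $albumList->fetch_assoc()){
						$safeAid = htmlspecialchars((string)$dropList['aid'], ENT_QUOTES, 'UTF-8');
						$safeTitle = htmlspecialchars((string)$dropList['Title'], ENT_QUOTES, 'UTF-8');
						print("<input type=\"checkbox\" name=\"changeAlbumsIn[]\" value=\"".$safeAid."\"/>".$safeTitle."<br/>\n");
					}
					$albumList->free();
				}
			?>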
			
			<br/>Change the date that it was apparently taken:
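			<?php /* Current date as a hint, else the expected format. The stored value is HTML-escaped before output. */ if(isset($dateTaken)){print htmlspecialchars((string)$dateTaken, ENT_QUOTES, 'UTF-8');}else{print"(YYYY-MM-DD)";}?><br/>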
			
			<?/* $dateFormat is set to true by the datechange handler when the submitted date fails its pattern check. */
			if($dateFormat){print"<span class=\"alert\">You did not enter the date in the correct 
			format (above). Please try again.</span><br/>\n";}?>
			
			<input type="text" name="datechange"/><br/><br/>
			
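			<input type="hidden" name="alterPhotoId" value="<?php /* pid is request data: HTML-escape it so it cannot break out of the attribute */ print(is_string($_GET['pid']) ? htmlspecialchars($_GET['pid'], ENT_QUOTES, 'UTF-8') : "");?>" />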
			<input type="submit" value="Change Photo"/>
			</p>
		</form>
	
		<form action="alterPhoto.php" method="post">
			<p>Delete this photo:<br/>
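			<input type="hidden" name="deletePhoto" value="<?php /* pid is request data: HTML-escape it so it cannot break out of the attribute */ print(is_string($_GET['pid']) ? htmlspecialchars($_GET['pid'], ENT_QUOTES, 'UTF-8') : "");?>"/>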
			<input type="submit" value="Delete Photo" id="deleteButton"/>
			</p>
		</form>
		
		<form action="../admin.php" method="post" name="logout">
			<p>
			<input type="hidden" name="logout"/>
			<input type="submit" id="logout" value="Log Out"/>
			</p>
		</form>
	</div>
	<?}
	$mysqli->close();
	?>
	

</div>
</body>
</html>